Press Release
January 25, 2018
Digital Arts Inc.
Started offering cyber-risk information service D-Alert free of charge
~Beginning to offer a service to reduce risk for customers who suspect falling victim to malware infection or homepage falsification~
TOKYO, Japan (January 25, 2018) – Digital Arts Inc. (headquartered in Chiyoda-ku, Tokyo, Japan, CEO: Toshio Dogu, hereinafter referred to as “Digital Arts”, Code 2326) a leading provider of information security software, has begun to offer “D-Alert Cyber-risk Information Service” (hereinafter referred to as “D-Alert”) free of charge. D-Alert informs clients and non-clients information on malware infection and falsified homepages. It utilizes the functions of internet security solution i-FILTER Ver.10, which is provided to businesses and government agencies.
In addition to malwares Ursnif and Dreambot, which impersonate major companies with fake e-mails appearing as if sent by delivery or credit card companies, a ransomware called Bad Rabbit, last year also caused damage in Japan through various cyber-attacks. This led the Japan Cybercrime Control Center (JC3) and Information Technology Promotion Agency (IPA) to take steps to increase awareness by releasing information on malware and ransomware. The damage tends to be caused when users are infected through one of several ways. One way is by accessing an unknown URL placed in the main body. Another is opening a file attached to a received e-mail, then executing a macro that communicates with an unknown URL in the background.
In Digital Arts’ i-FILTER Ver. 10, if the URL the user intends to access is an unknown URL, that data with all personal and other parameters removed is stored in i-FILTER Ver. 10, and the “Cloud Lookup Function” database after categorization. i-FILTER Ver. 10 has, since its introduction, been used and upgraded by hundreds of customers. These customers provide access data every day on all kinds of unknown URLs suspected of carrying malware.
i-FILTER Ver. 10’s cloud lookup function
With the “cloud lookup function” installed in i-FILTER Ver.10 and the latest database, even if the website that the customer accessed contains malware that has not been confirmed in the world yet, i-FILTER is still able to block access to such websites and prevent access. In the case of Bad Rabbit ransomware, i-FILTER blocked the sites even before the infection damage was confirmed all over the world.
Therefore, Digital Arts identifies customers who are suspected to have been infected with malware or shown maliciously falsified web pages. This information comes from URL access log data accumulated every day, which is provided by both customers and non-customers. Through our free D-Alert service, we wish to minimize damage to customers and lead to the implementation of security measures to potential customers.
In order to reduce the burden of IT security on customers, we will continue to acquire information on various types of malware and gather information on malicious websites. We will also focus on responding promptly to strengthen functions to handle increasingly complicated external attacks.
Case study on D-Alert information provision service
We have already provided information to several customers, and have been successfully defending against information leakage caused by malware infections. Below are some examples of existing cases.
- Points of an actual case that occurred on November 10, 2017
-
- ・A user device at Company A that was infected with malware before i-FILTER Ver. 10 was installed attempted to access the URL of a C&C server after i-FILTER Ver. 10 had been installed, but i-FILTER Ver.10 successfully blocked the attempt, thereby preventing an information leak.
- ・Analysis of the uncategorized URLs alerted that the website was malicious, and this information was distributed to customers of all versions of i-FILTER.
- ・We reported the suspicion of malware infection to Company A and provided guidance on how to respond.
Case of providing information through D-Alert service
- Details of an actual case that occurred on December 7, 2017
-
- ・Company A accesses a customer’s homepage. The homepage was faked, so Company A user is redirected to a malware download URL.
- ・The malware download URL was blocked and malware infection was prevented because i-FILTER Ver.10 treated the website as an uncategorized URL.
- ・Analysis of the uncategorized URL conducted by Digital Arts revealed that the URL was malicious. This information was then distributed it to all customers of all versions of i-FILTER.
- ・Report on malware information of the blocked website was provided to Company A.
- ・Information was provided to the website owner (who was not Digital Arts’ customer) about their HP having been tampered with.
Case of providing information through D-Alert service
Situation in which blocking happened before Bad Rabbit infection damage confirmation
In the case in October last year of a customer with i-FILTER Ver. 10 installed, we were able to confirm that after having been redirected from the altered site of a certain company, the customer accessed a site that led the customer to a malicious website distributing ransomware. After we confirmed the malicious website, we updated the i-FILTER’s database for all versions on October 17. By doing this we prevented all of our customers from accidentally accessing the website and becoming infected.
As of October 17, 2017, no damage due to infection was seen anywhere, but i-FILTER Ver. 10 customers were guarded against damage through its blocking feature. Later, on October 26, IPA released a warning in the form of “Important Security Information*1”.
- ※ DIGITAL ARTS, i-FILTER, info board, ARS, ActiveRatingSystem, ACTIVE RATING, ZBRAIN, D-SPA, SP-Cache, NET FILTER, White Web, m-FILTER, m-FILTER MailFilter, m-FILTER Archive, m-FILTER Anti-Spam, m-FILTER File Scan, Mail Detox, DigitalArts@Cloud, D Alert, and related logos and icons are trademarks or registered trademarks of Digital Arts Inc. FinalCode is a registered trademark of FinalCode, Inc.